oid_rails4 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/README.md +112 -0
- data/Rakefile +29 -0
- data/lib/obfuscate_id/version.rb +3 -0
- data/lib/obfuscate_id.rb +63 -0
- data/lib/tasks/obfuscate_id_tasks.rake +4 -0
- metadata +161 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 036c79ffd85c60933715d3cc24aebac37f01a8fb
|
4
|
+
data.tar.gz: bd719c73ccb72469c49e0174c91a960025759eb6
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 2dfa9bcf6864faf7b70aa06aed4d495c92b220c4cf78f32c4209b741946b786552377dd541f6d0f4b4cf3fd83e07cb15cef7e3709beea8e5c172bb1cf465ef0b
|
7
|
+
data.tar.gz: 24f1b0a74d658dffaf80cdb0e43dbda13fc991ad95d3521f2710e57ea131d6f1f572fda360d67f7f8b8bd78600d0cc0342bf22711cdb737932ec4c114d3e9fa9
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2012 Nathan Amick
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,112 @@
|
|
1
|
+
# obfuscate_id
|
2
|
+
[![Build Status](https://secure.travis-ci.org/namick/obfuscate_id.png)](http://travis-ci.org/namick/obfuscate_id) [![Dependency Status](https://gemnasium.com/namick/obfuscate_id.png)](https://gemnasium.com/namick/obfuscate_id) [![Code Climate](https://codeclimate.com/github/namick/obfuscate_id.png)](https://codeclimate.com/github/namick/obfuscate_id)
|
3
|
+
|
4
|
+
**Make your ActiveRecord ids non-obvious**
|
5
|
+
|
6
|
+
![cat with sunglasses](http://i.imgur.com/kYOtUll.jpg)
|
7
|
+
|
8
|
+
|
9
|
+
obfuscate_id turns a URL like this:
|
10
|
+
|
11
|
+
http://example.com/users/3
|
12
|
+
|
13
|
+
into something like:
|
14
|
+
|
15
|
+
http://example.com/users/2356513904
|
16
|
+
|
17
|
+
Sequential ActiveRecord ids become non-sequential, random looking, numeric ids.
|
18
|
+
|
19
|
+
# post 7000
|
20
|
+
http://example.com/posts/5270192353
|
21
|
+
# post 7001
|
22
|
+
http://example.com/posts/7107163820
|
23
|
+
# post 7002
|
24
|
+
http://example.com/posts/3296163828
|
25
|
+
|
26
|
+
## Why would you want this?
|
27
|
+
|
28
|
+
If your site is scaling well, you might not want to leak that you are getting 50 new posts a minute.
|
29
|
+
|
30
|
+
Or, for new websites, you may not want to give away how few people are signed up.
|
31
|
+
|
32
|
+
Every website has a third user, but that third user doesn't have to know he is the third user.
|
33
|
+
|
34
|
+
## Features
|
35
|
+
|
36
|
+
* Extreemly simple. A single line of code in the model turns it on.
|
37
|
+
* Transforms normal seqential ids into random-looking ten digit numerical strings.
|
38
|
+
* Gently masks resource ids while retaining a cleaner look than using an encrypted hash.
|
39
|
+
* No database changes or migrations are needed. The record is still stored in the database with its original id.
|
40
|
+
* Fast, no heavy calculation.
|
41
|
+
|
42
|
+
|
43
|
+
## Installation
|
44
|
+
|
45
|
+
Add the gem to your Gemfile.
|
46
|
+
|
47
|
+
gem "obfuscate_id"
|
48
|
+
|
49
|
+
Run bundler.
|
50
|
+
|
51
|
+
bundle install
|
52
|
+
|
53
|
+
## Usage
|
54
|
+
|
55
|
+
In your model, add a single line.
|
56
|
+
|
57
|
+
class Post < ActiveRecord::Base
|
58
|
+
obfuscate_id
|
59
|
+
end
|
60
|
+
|
61
|
+
## Customization
|
62
|
+
|
63
|
+
If you want your obfuscated ids to be different than some other website using the same plugin, you can throw a random number (spin) at obfuscate_id to make it hash out unique ids for your app.
|
64
|
+
|
65
|
+
class Post < ActiveRecord::Base
|
66
|
+
obfuscate_id :spin => 89238723
|
67
|
+
end
|
68
|
+
|
69
|
+
## How it works
|
70
|
+
|
71
|
+
obfuscate_id mixes up the ids in a simple, reversable hashing algorithm so that it can then automatically revert the hashed number back to the original id for record lookup without having to store a hash or tag in the database.
|
72
|
+
|
73
|
+
Each number from 0 to 9,999,999,999 is paired with one and only one number in that same range. That other number is paired back to the first. This is an example of a minimal perfect hash function. Within a set of ten billion numbers, it simply maps every number to a different 10 digit number, and back again.
|
74
|
+
|
75
|
+
Plain record ids are switched to the obfuscated id in the model's `to_param` method.
|
76
|
+
|
77
|
+
ActiveRecord reverses this obfuscated id back to the plain id before building the database query. This means no migrations or changes to the database. Yay!
|
78
|
+
|
79
|
+
## Limitations
|
80
|
+
|
81
|
+
* This is not security. obfuscate_id was created to lightly mask record id numbers for the casual user. If you need to really secure your database ids (hint, you probably don't), you need to use real encryption like AES.
|
82
|
+
* To properly generate obfuscated urls, make sure you trigger the model's `to_param` method by passing in the whole object rather than just the id; do this: `post_path(@post)` not this: `post_path(@post.id)`.
|
83
|
+
|
84
|
+
## Development
|
85
|
+
|
86
|
+
To run the tests, first clone the repo and run bundler:
|
87
|
+
|
88
|
+
git clone git@github.com:namick/obfuscate_id.git
|
89
|
+
cd obfuscate_id
|
90
|
+
bundle install
|
91
|
+
|
92
|
+
Change to the dummy rails app and load the test database
|
93
|
+
|
94
|
+
cd spec/dummy
|
95
|
+
bundle exec rake db:test:load
|
96
|
+
cd -
|
97
|
+
|
98
|
+
Run the tests
|
99
|
+
|
100
|
+
bundle exec rspec spec
|
101
|
+
|
102
|
+
Or have Guard run them continuously
|
103
|
+
|
104
|
+
bundle exec guard
|
105
|
+
|
106
|
+
## Contributing
|
107
|
+
|
108
|
+
1. Fork it
|
109
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
110
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
111
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
112
|
+
5. Create new Pull Request
|
data/Rakefile
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
#!/usr/bin/env rake
|
2
|
+
begin
|
3
|
+
require 'bundler/setup'
|
4
|
+
rescue LoadError
|
5
|
+
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
6
|
+
end
|
7
|
+
begin
|
8
|
+
require 'rdoc/task'
|
9
|
+
rescue LoadError
|
10
|
+
require 'rdoc/rdoc'
|
11
|
+
require 'rake/rdoctask'
|
12
|
+
RDoc::Task = Rake::RDocTask
|
13
|
+
end
|
14
|
+
|
15
|
+
RDoc::Task.new(:rdoc) do |rdoc|
|
16
|
+
rdoc.rdoc_dir = 'rdoc'
|
17
|
+
rdoc.title = 'ObfuscateId'
|
18
|
+
rdoc.options << '--line-numbers'
|
19
|
+
rdoc.rdoc_files.include('README.rdoc')
|
20
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
21
|
+
end
|
22
|
+
|
23
|
+
Bundler::GemHelper.install_tasks
|
24
|
+
|
25
|
+
require 'rspec/core/rake_task'
|
26
|
+
|
27
|
+
RSpec::Core::RakeTask.new(:spec)
|
28
|
+
|
29
|
+
task :default => :spec
|
data/lib/obfuscate_id.rb
ADDED
@@ -0,0 +1,63 @@
|
|
1
|
+
module ObfuscateId
|
2
|
+
|
3
|
+
def obfuscate_id(options = {})
|
4
|
+
require 'scatter_swap'
|
5
|
+
|
6
|
+
extend ClassMethods
|
7
|
+
include InstanceMethods
|
8
|
+
cattr_accessor :obfuscate_id_spin
|
9
|
+
self.obfuscate_id_spin = (options[:spin] || obfuscate_id_default_spin)
|
10
|
+
end
|
11
|
+
|
12
|
+
def self.hide(id, spin)
|
13
|
+
ScatterSwap.hash(id, spin)
|
14
|
+
end
|
15
|
+
|
16
|
+
def self.show(id, spin)
|
17
|
+
ScatterSwap.reverse_hash(id, spin)
|
18
|
+
end
|
19
|
+
|
20
|
+
|
21
|
+
module ClassMethods
|
22
|
+
def find(*args)
|
23
|
+
if has_obfuscated_id?
|
24
|
+
args[0] = ObfuscateId.show(args[0], self.obfuscate_id_spin)
|
25
|
+
end
|
26
|
+
super(*args)
|
27
|
+
end
|
28
|
+
|
29
|
+
def has_obfuscated_id?
|
30
|
+
true
|
31
|
+
end
|
32
|
+
|
33
|
+
# Generate a default spin from the Model name
|
34
|
+
# This makes it easy to drop obfuscate_id onto any model
|
35
|
+
# and produce different obfuscated ids for different models
|
36
|
+
def obfuscate_id_default_spin
|
37
|
+
alphabet = Array("a".."z")
|
38
|
+
number = name.split("").collect do |char|
|
39
|
+
alphabet.index(char)
|
40
|
+
end
|
41
|
+
number.join.to_i
|
42
|
+
end
|
43
|
+
|
44
|
+
end
|
45
|
+
|
46
|
+
module InstanceMethods
|
47
|
+
def to_param
|
48
|
+
ObfuscateId.hide(self.id, self.class.obfuscate_id_spin)
|
49
|
+
end
|
50
|
+
|
51
|
+
# Temporarily set the id to the parameterized version,
|
52
|
+
# as ActiveRecord::Persistence#reload uses self.id.
|
53
|
+
def reload(options=nil)
|
54
|
+
actual_id = self.id
|
55
|
+
self.id = to_param
|
56
|
+
super(options).tap do
|
57
|
+
self.id = actual_id
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
ActiveRecord::Base.extend ObfuscateId
|
metadata
ADDED
@@ -0,0 +1,161 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: oid_rails4
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.3
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Alex Perelman
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2013-09-25 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: scatter_swap
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ~>
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 0.0.2
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ~>
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 0.0.2
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rails
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ~>
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 4.0.0
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ~>
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 4.0.0
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: sqlite3
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - '>='
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rspec-rails
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - '>='
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: capybara
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - '>='
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - '>='
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: guard-rspec
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - '>='
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - '>='
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: guard-spork
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - '>='
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - '>='
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
- !ruby/object:Gem::Dependency
|
112
|
+
name: rb-inotify
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - '>='
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '0'
|
118
|
+
type: :development
|
119
|
+
prerelease: false
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - '>='
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: '0'
|
125
|
+
description: Make your ActiveRecord IDs non-obvious
|
126
|
+
email:
|
127
|
+
- alex@weilos.com
|
128
|
+
executables: []
|
129
|
+
extensions: []
|
130
|
+
extra_rdoc_files: []
|
131
|
+
files:
|
132
|
+
- lib/obfuscate_id/version.rb
|
133
|
+
- lib/obfuscate_id.rb
|
134
|
+
- lib/tasks/obfuscate_id_tasks.rake
|
135
|
+
- MIT-LICENSE
|
136
|
+
- Rakefile
|
137
|
+
- README.md
|
138
|
+
homepage: https://github.com/namick/obfuscate_id
|
139
|
+
licenses: []
|
140
|
+
metadata: {}
|
141
|
+
post_install_message:
|
142
|
+
rdoc_options: []
|
143
|
+
require_paths:
|
144
|
+
- lib
|
145
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
146
|
+
requirements:
|
147
|
+
- - '>='
|
148
|
+
- !ruby/object:Gem::Version
|
149
|
+
version: '0'
|
150
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
151
|
+
requirements:
|
152
|
+
- - '>='
|
153
|
+
- !ruby/object:Gem::Version
|
154
|
+
version: '0'
|
155
|
+
requirements: []
|
156
|
+
rubyforge_project:
|
157
|
+
rubygems_version: 2.0.7
|
158
|
+
signing_key:
|
159
|
+
specification_version: 4
|
160
|
+
summary: Mask ActiveRecord IDs
|
161
|
+
test_files: []
|